Conventionally, for instance, in an automobile, a system providing a driver with traffic congestion information, through radio communication which is carried out between a communication apparatus to be mounted on the automobile (hereinafter, referred to as an on-board device) and a communication apparatus to be set on a road (hereinafter, referred to as a roadside device) is used. Further, a system has been studied, in which driving support or automatic driving is carried out while on-board devices mutually perform radio communication. Since human lives are involved in these systems, the confidentiality or the integrity is required for the message to be transmitted.
In order to guarantee the confidentiality or the integrity, the communication apparatus mounts a digital certificate (EE (End Entity) certificate), and for data such as a message to be transmitted, puts a signature on the data or makes the data confidential. Since the digital certificate is issued for each communication apparatus, the communication apparatus transmits the message by appending its own certificate. The communication apparatus which has received the message verifies whether or not the received digital certificate is a digital certificate issued by a predetermined certification authority using a digital certificate (CA (Certification Authority) certificate) of the certification authority, and verifies the signature of the message using the EE certificate which has passed the verification. Hereinafter, the digital certificate is simply referred to as a certificate.
Generally, in a system carrying out driving support or automatic driving, it is required to process 2000 to 4000 messages per second; and it takes a large amount of time to verify the signatures. Therefore, a method is proposed, in which a certificate that has been verified once is stored in a cache, thereby eliminating the subsequent signature verification.
However, generally, since the size of the cache is limited, it is impossible to store certificates exceeding the upper limit of the cache size. For this problem, an apparatus is proposed, which overwrites a part of the cache to store certificates (for instance, Patent Literature 1). Further, for general data, an apparatus which overwrites the cache is proposed (for instance, Patent Literature 2).